<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport"
          content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>Login</title>
</head>
<body>
<!--
action="/login" 处理登录请求的地址，默认是/login，只能处理账号密码登录请求
method="post" 请求方式不能改
name="username" 用户名的参数名 默认是username
name="password" 密码的参数名 默认是password
-->
<form action="/login" method="post">
    username：<input type="text" name="username"><br>
    password：<input type="password" name="password"><br>
    <input type="submit" value="submit">
</form>
</body>
</html>


<!--csrf 跨站请求伪造


-->


<!--<form name='f' action='/login' method='POST'>-->
<!--    <table>-->
<!--        <tr><td>User:</td><td><input type='text' name='username' value=''></td></tr>-->
<!--        <tr><td>Password:</td><td><input type='password' name='password'/></td></tr>-->
<!--        <tr><td colspan='2'><input name="submit" type="submit" value="Login"/></td></tr>-->
<!--        <input name="_csrf" type="hidden" value="b2fb87dd-0e4b-43ca-abd9-29ccef7abcc8" />-->
<!--    </table>-->
<!--</form>-->
